<?php

namespace app\http\middleware;
use Casbin;

class Authorization
{
    public function handle($request, \Closure $next)
    {
		         $user_info = session('userInfo');
		         $method = $request->method();
				 $url = $request->module() . '/' . $request->controller() . '/' . $request->action();
		         if (!$user_info){
		             return json()->data(['code'=>1,'msg'=>'没有登陆!'])->code(401);
		         }
		         if (!Casbin::enforce($user_info['group_alias'], strtolower($url))) {
		             return json()->data(['code'=>1,'msg'=>'没有权限!'])->code(200);
		         }
		        sreturn $next($request);
    }
}
